Tuesday’s massive ransomware outbreak was, in fact, something
much worse
Tuesday's massive outbreak of malware that shut
down computers around the world has been almost universally blamed on
ransomware, which by definition seeks to make money by unlocking data held
hostage only if victims pay a hefty fee. Now, some researchers are drawing an even
bleaker assessment—that the malware
was a wiper with the objective of permanently destroying data.
Initially, researchers said the malware was a new version
of the Petya
ransomware that first struck in early 2016. Later, researchers said it was a new,
never-before-seen ransomware package that mimicked some of Petya's behaviors. With more time to analyze the malware,
researchers on Wednesday are highlighting some curious behavior for a piece of
malware that was nearly perfect in almost all other respects: its code is so
aggressive that it's impossible for victims to recover their data.
In other words, the researchers said, the payload
delivered in Tuesday's outbreak wasn't ransomware at all. Instead, its true objective was to permanently
wipe as many hard drives as possible on infected networks, in much the way the Shamoon
disk wiper left a wake of destruction in Saudi Arabia. Some researchers have said Shamoon is likely
the work of developers sponsored by an as-yet unidentified country. Researchers analyzing Tuesday's
malware—alternatively dubbed PetyaWrap, NotPetya, and ExPetr—are speculating
the ransom note left behind in Tuesday's attack was, in fact, a hoax intended
to capitalize on media interest sparked by last month's massive
WCry outbreak.
How seriously can you take a threat with no evidence of
the ability to do what they claim? What is
the downside of ignoring them?
Yonhap News Agency reports:
Banks and other financial
institutions in South Korea have been on guard over threats of cyberattacks by
alleged financial blackmailers, according to the banks and financial
institutions on Tuesday.
No damage has been reported so
far, but about 20 banks, brokerages and the Korea Exchange received threats by
hacking groups about paralyzing their Web sites.
They received e-mails that set a
deadline to transfer funds to the blackmailers to avoid the attacks.
On Monday, four financial
institutions — the Korea Financial Telecommunications & Clearings
Institute, Suhyup Bank, DGB Daegu Bank and JB Bank — came under a distributed
denial of service attack by a hacking extortion group named “The Armada
Collective.”
Read more on Yonhap
News Agency.
An anti-social attack on social media.
Joseph Cox reports:
Millions of accounts for internet
radio service 8tracks are being traded on the digital
underground, judging by a set of stolen user details obtained by Motherboard.
8tracks is cross between a social
network and an internet radio site, allowing users to stream custom playlists. The site offers both free and paid accounts
which only for ad-free listening.
Motherboard obtained a dataset of
around 6 million 8track usernames, email addresses, and hashed passwords. For-profit breach notification site LeakBase provided Motherboard with the data, and claims
that the full dataset comprises of around 18 million accounts. The passwords appear to be hashed with the
SHA1 algorithm, meaning hackers may be able to crack the hashes and obtain some
of the original passwords.
Read more on Motherboard.
For my Ethical Hacking students?
'Elsa' Tool Allows CIA to Locate Users via Wi-Fi
WikiLeaks has published a
document detailing “Elsa,” a tool allegedly used by the U.S. Central
Intelligence Agency (CIA) to track people’s locations via their laptop’s Wi-Fi.
According to its developers, Elsa provides
geolocation data by recording the details of Wi-Fi access points, including
signal strength, in range of the targeted Windows device. The user’s location and movements can be
obtained after the data is sent to third-party location services.
Once Elsa is planted on the target’s computer, it monitors
nearby Wi-Fi connections even if the device is not connected to the Internet. Once an Internet connection is available, the
malware can send the collected Wi-Fi data to a database containing the
geographical location of wireless access points.
See? We’re all
citizens of the world. Virtually.
Google Must Delete Search Results Worldwide, Supreme Court of
Canada Rules
The Supreme Court of Canada ruled against Google on Wednesday in a closely-watched intellectual property case over whether
judges can apply their own country's laws to all of the Internet.
In a 7-2 decision, the court agreed a British
Columbia judge had the power to issue an injunction forcing Google to scrub
search results about pirated products not just in Canada, but everywhere else
in the world too.
Those siding with Google, including civil
liberties groups, had warned that allowing the injunction would harm free
speech, setting a precedent to let any judge anywhere order a global ban on
what appears on search engines. The
Canadian Supreme Court, however, downplayed this objection and called Google's
fears "theoretical."
"This is not an order to remove speech that, on its
face, engages freedom of expression values, it is an order to de-index websites
that are in violation of several court orders. We have not, to date, accepted that freedom of
expression requires the facilitation of the unlawful sale of goods," wrote
Judge Rosalie Abella.
(Related). This one
is about free speech, right?
Turkey tells Twitter to shut down American's account
Turkey demanded that Twitter take down a prominent
American scholar’s account, saying he had violated the personal rights of the
country’s leader President Recep Tayyip Erdoğan.
Twitter alerted American Enterprise scholar Michael Rubin
on Monday that it had received a court order from Turkey, dated June 16, saying
the social media platform had seven days to take down Rubin’s account, or else
the company would face punishments under Turkish law, including potential
fines.
Free and anonymous speech. Is the government saying these people DID
witness “unlawful conduct” or that they may have?
The DOJ Wants To Take Away Online Privacy. And A Court Says
Okay
Even if you didn’t commit a crime, and so no warrant has
been issued (per your Fourth Amendment rights), the government can still take
away your online anonymity, says a court. Even if all you did was use your First
Amendment-protected right to speak about a private company online, the
government can unmask you.
… The government
is arguing they should be able to find out someone’s identity as long as they
are not acting in "bad faith." Glassdoor is
arguing that, legally speaking, the government should be required to pass a
"compelling interest" test before being given the authority to demand
peoples’ identities from a private company.
… In this case the
DOJ wants internet protocol (IP) addresses and more from o eight people
who published comments about a certain company. The DOJ says these eight people can “offer
common employee insights” into the company under investigation and that they
are “third party witnesses to potential unlawful conduct.”
Google as victim?
Ends, Means, and Antitrust
… What Constitutes
a Competitive Product?
This is by far the most concerning part of the European
Commission’s decision, for two reasons.
First, if I search for a specific product, why would I not
want to be shown that specific product? It
frankly seems bizarre to argue that I would prefer to see links to shopping
comparison sites; if that is what I wanted I would search for “Shopping
Comparison Sites”, a request that Google is more than happy to fulfill […]
The European Commission is effectively arguing that Google
is wrong by virtue of fulfilling my search request explicitly; apparently they
should read my mind and serve up an answer (a shopping comparison site) that is
in fact different from what I am requesting (a product)?
The second reason is even more problematic: “Google
Shopping” is not actually a search product; it is an ad placement:
Reversing the trend?
Staples Is Being Bought for $6.9 Billion
Sycamore Partners said on Wednesday it would acquire
U.S. office supplies chain Staples for $6.9 billion, a rare bet by a
private equity firm this year in the U.S. retail sector, which has been roiled by the popularity of internet shopping.
Buyout firms largely have refrained from
attempting leveraged buyouts of U.S. retailers in the past two years, amid a
wave of bankruptcies in the sector that have included Sports Authority, Rue21,
Gymboree and BCBG Max Azria.
Sycamore's deal for Staples,
however, which Reuters was first to report would come this week,
illustrates that some buyout firms are distinguishing between mall-based
fashion retailers, which are vulnerable to changing consumer tastes, from retailers with a niche and rich cash flow,
such as Staples.
The acquisition also shows that Sycamore,
whose buyout fund is dedicated to retail deals, is willing to take on the risk
of falling store sales at Staples because of the potential it sees in Staples' delivery unit, which supplies
businesses directly.
For my Spreadsheet students.
… So what do you
need the Developer tab for? The Developer tab is home to macros that you
can use to automate repetitive tasks like sending
emails from an Excel spreadsheet or automatically inserting text strings. Using the Developer tools will require a
little bit of coding knowledge.
Attention students: News to match your classes.
Google News Redesigned
by Sabrina
I. Pacifici on Jun 28, 2017
“Every day people come to Google News for a trusted view
of the world. It’s there for everything
from moments of political change to gripping sports events to daily local news.
To make news more accessible and easier
to navigate, we redesigned the desktop website
with a renewed focus on facts, diverse perspectives, and more control for
users. The new UI has a clean and
uncluttered look, designed for comfortable reading and browsing.
- We’ve adopted a card format that makes it easier to browse, scan and identify related articles about a story.
- The new layout focuses on key elements, such as publisher names and article labels, and maintains your view and place on the page as you click in and out of stories and explore topics.
- We dedicated the navigation column on the left to sections that you customize. You can jump quickly to news you enjoy, whether it’s standard sections like Sports or Entertainment, or those created by you and powered by your queries, such as “FIFA World Cup” or “Bollywood.”…” [or “Privacy” or “Security” Bob]
No comments:
Post a Comment